UAB IT and HSIS offer guidance on new computer security flaws

UAB IT and HSIS are strongly urging IT professionals, staff, faculty and students to update browsers and system software to combat two serious computer flaws known as “Meltdown” and “Spectre” as soon as updates become available.

These vulnerabilities are caused by design defects in the hardware of most modern computing devices, including smartphones and tablets. This could permit unauthorized disclosure of sensitive or restricted data.

What to do

It is imperative that operating system updates are applied as soon they become available. UAB IT and HSIS will perform these updates for supported desktop, server and virtualization systems.

Browser updates, which are or will soon be released, should also be installed. UAB IT and HSIS will push these to supported desktops and servers. UAB IT will begin pushing Windows updates to Desktop customers at 4 p.m. on Sunday, Jan. 7.

Customers should reboot their systems as soon as they are notified that updates are available on their systems.

Vendors will also release firmware updates for affected computers. (Firmware is special software that controls computers and other digital devices.) This will require physical access to affected systems.

Users of systems that aren’t supported by UAB IT or HSIS should also apply these updates.

So far, no updates have been announced for smartphones or tablets. These will have to be installed when they become available.

It’s also important to install these updates on computers and other devices that aren’t managed by UAB IT or HSIS. If you need assistance, please consult IT personnel in your school or department or contact your help desk. You can reach campus AskIT at 996-5555 or askit@uab.edu and HSIS at 934-8888 or helpdesk@uabmc.edu.